Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/e8JWpozjp2CQVeh0fKR2of1rmnU.roa
File: e8JWpozjp2CQVeh0fKR2of1rmnU.roa (raw, json)
Hash identifier: cncyccKFGSSxuzQyK2QlQLGesHp6P7TKw/dYGMrOaLM=
Subject key identifier: 7B:C2:56:A6:8C:E3:A7:60:90:55:E8:74:7C:A4:76:A1:FD:6B:9A:75
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0194282670759F9E7A60E164F09C1C792EC9
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/e8JWpozjp2CQVeh0fKR2of1rmnU.roa
Signing time: Thu 02 Jan 2025 17:53:15 +0000
ROA not before: Thu 02 Jan 2025 17:53:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19148
IP address blocks: 89.249.194.0/24 maxlen: 24
89.249.195.0/24 maxlen: 24
212.42.196.0/24 maxlen: 24
212.42.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:70:75:9f:9e:7a:60:e1:64:f0:9c:1c:79:2e:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 2 17:53:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7bc256a68ce3a7609055e8747ca476a1fd6b9a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:b9:05:94:40:1b:23:63:98:60:5d:2a:5e:e6:
e8:12:49:a6:f8:59:83:e2:ff:7b:23:a2:d5:68:c4:
e1:48:83:2a:03:ab:89:9d:89:fa:91:3e:10:dc:e7:
0d:93:c6:f9:d6:72:7b:75:f5:ce:b7:d2:2d:cb:59:
5e:8e:14:09:d3:86:85:60:ab:21:40:9d:20:44:5a:
b1:68:9f:0c:47:a1:d0:61:56:c8:8c:5d:f8:25:b4:
f5:6f:4a:50:5b:5d:41:18:51:a7:76:43:2c:34:d9:
38:f2:19:c9:38:17:34:e1:e4:38:c8:d1:af:c6:8e:
c3:76:0e:a3:c6:4a:7b:1c:36:f4:2e:50:d7:79:17:
6c:6e:fc:4b:91:1b:80:e9:14:64:69:3b:32:49:de:
10:ed:97:8b:3a:db:ce:eb:77:5d:36:0c:a3:08:8c:
27:3c:13:b4:ab:66:31:bb:f6:ee:18:06:09:8f:27:
a1:d4:c8:f0:d4:37:f3:75:a8:af:e1:6d:1d:e7:11:
15:b2:62:8d:6c:05:0b:08:92:b0:c1:3d:21:06:eb:
ab:e3:9a:b3:76:10:39:9c:93:8a:05:1b:ac:92:e6:
3d:06:b3:6f:64:72:24:d2:b8:77:00:68:a0:64:ec:
5d:f4:b2:30:a5:95:ee:74:2e:e8:5e:9d:8d:fb:ac:
e5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C2:56:A6:8C:E3:A7:60:90:55:E8:74:7C:A4:76:A1:FD:6B:9A:75
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/e8JWpozjp2CQVeh0fKR2of1rmnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.194.0/23
212.42.196.0/24
212.42.206.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:0e:d1:bf:04:b3:a1:df:ad:76:9f:85:29:1f:32:40:8b:98:
77:f5:80:d6:33:48:75:5e:b7:31:56:8e:a3:cd:31:b0:83:c7:
80:39:65:cb:01:8f:b9:a5:26:f7:71:21:c2:25:cf:9d:6e:ca:
38:bc:9a:89:45:26:6b:da:fd:15:42:55:5b:e1:51:33:f5:51:
53:02:13:23:a5:b3:71:01:48:48:e7:7d:cc:5a:a6:34:e7:d7:
29:8b:2e:5b:18:a2:e7:b9:ac:33:6d:79:9a:95:4e:1f:5f:6f:
fb:84:8c:0c:66:96:00:3f:3e:e7:fc:ea:76:03:21:9f:17:7c:
e4:79:00:01:e2:ce:cc:c3:23:00:a8:ab:cb:75:98:7f:57:6d:
5a:c3:1f:82:79:91:a8:e6:e0:0e:bb:dc:96:6e:3e:88:ba:6a:
ca:81:75:ae:7e:b3:16:1b:01:39:14:e4:dd:3e:bf:f5:d8:4a:
37:18:ef:b4:89:cf:58:ac:79:d2:71:49:6f:74:5c:e7:62:a9:
ec:1d:c8:9d:bb:7f:bc:91:78:f0:37:fd:a0:fb:06:19:ec:08:
29:71:de:b0:d5:c0:b7:93:72:44:54:08:7c:8d:f4:3c:14:87:
75:d1:2a:4c:9f:f9:62:66:df:9f:20:8b:d8:fe:b3:c8:2c:75:
04:00:21:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJnB1n556YOFk8JwceS7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjUwMTAyMTc1MzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmMyNTZhNjhjZTNhNzYwOTA1NWU4NzQ3Y2E0NzZhMWZkNmI5YTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8bkFlEAbI2OYYF0qXuboEkmm+FmD
4v97I6LVaMThSIMqA6uJnYn6kT4Q3OcNk8b51nJ7dfXOt9Ity1lejhQJ04aFYKsh
QJ0gRFqxaJ8MR6HQYVbIjF34JbT1b0pQW11BGFGndkMsNNk48hnJOBc04eQ4yNGv
xo7Ddg6jxkp7HDb0LlDXeRdsbvxLkRuA6RRkaTsySd4Q7ZeLOtvO63ddNgyjCIwn
PBO0q2Yxu/buGAYJjyeh1Mjw1Dfzdaiv4W0d5xEVsmKNbAULCJKwwT0hBuur45qz
dhA5nJOKBRuskuY9BrNvZHIk0rh3AGigZOxd9LIwpZXudC7oXp2N+6zlzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHvCVqaM46dgkFXodHykdqH9a5p1MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvZThKV3BvempwMkNRVmVoMGZLUjJvZjFybW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWfnCAwQA
1CrEAwQA1CrOMA0GCSqGSIb3DQEBCwUAA4IBAQC5DtG/BLOh3612n4UpHzJAi5h3
9YDWM0h1XrcxVo6jzTGwg8eAOWXLAY+5pSb3cSHCJc+dbso4vJqJRSZr2v0VQlVb
4VEz9VFTAhMjpbNxAUhI533MWqY059cpiy5bGKLnuawzbXmalU4fX2/7hIwMZpYA
Pz7n/Op2AyGfF3zkeQAB4s7MwyMAqKvLdZh/V21awx+CeZGo5uAOu9yWbj6IumrK
gXWufrMWGwE5FOTdPr/12Eo3GO+0ic9YrHnScUlvdFznYqnsHcidu3+8kXjwN/2g
+wYZ7Agpcd6w1cC3k3JEVAh8jfQ8FId10SpMn/liZt+fIIvY/rPILHUEACEX
-----END CERTIFICATE-----
Generated at Wed Feb 5 19:08:40 2025 by rpki-client